MoD adopts new cybersecurity standards for information systems

The Ministry of Defence of Ukraine continues its efforts to enhance resilience against cyber threats. To this end, Order No. 692/nm, dated October 15, approved the Sectoral Security Profile — a set of rules for protecting information systems that process open, confidential, or restricted information.

The document establishes unified minimum cybersecurity requirements for systems used by the Ministry of Defence, the Armed Forces of Ukraine, and the State Special Transport Service. It was developed in accordance with international standards and national legislation, taking into account the particularities of the defense sector.

“Unified cybersecurity rules will enable more effective protection of our information resources and accelerate the development and implementation of new services,” said Oksana Ferchuk, Deputy Minister of Defence of Ukraine for Digital Development, Digital Transformation, and Digitalization.

The main objective of the Security Profile is to ensure a unified approach to data protection, enhance cybersecurity, and streamline system compliance assessment. The Security Profile includes requirements covering access control, data protection, and security monitoring, along with guidance on implementing administrative and technical measures. All relevant structural units that will operate under the Security Profile will complete training on its application.

The Sectoral Security Profile was developed pursuant to Resolution No. 712 of the Cabinet of Ministers of Ukraine, dated June 18, 2025. It is mandatory for all systems that process open, confidential, or restricted information, except for Class 1 automated systems.